Microsoft Cloud Security Researcher – EPSF IL 

Israel, Tel Aviv District 

472912047

Required/Minimum Qualifications

• 5+ years of hands-on experience in offensive security research, with 2+ years focus on cloud environments.

• Proven track record of discovering and responsibly disclosing security vulnerabilities.

• Expertise in cloud security technologies, including Azure, AWS, GCP and similar.

• Proficiency in multiple programming and scripting languages.

Other Requirements:

• Bachelor's degree or equivalent in Computer Science, Information Security, or a related field. Advanced degrees are a plus.
• Strong written and verbal communication skills, with the ability to convey complex security concepts to both technical and non-technical audiences.

• Research and discover zero-day vulnerabilities in cloud environments and associated technologies. Develop and implement proof-of-concept exploits to demonstrate potential risks and work closely with engineering teams to address findings.

• Conduct in-depth threat modeling exercises to identify security risks and vulnerabilities in Microsoft's cloud infrastructure. Collaborate with cross-functional teams to assess the impact of identified threats and propose mitigation strategies.

• Design and execute sophisticated penetration tests against Microsoft's cloud services, simulating real-world attack scenarios. Provide detailed reports outlining vulnerabilities, exploitation techniques, and recommended remediation steps.

• Create and maintain cutting-edge vulnerability discovery, exploitation, and penetration testing tools in cloud environments. Stay abreast of the latest security research and integrate innovative techniques into the offensive security toolkit.

• Collaborate with internal security teams to enhance overall security posture, including incident response and defensive security. Participate in knowledge-sharing initiatives, mentor junior team members, and contribute to the security community.